Vulnerabilities > Dwbooster > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-02 | CVE-2021-24498 | Unspecified vulnerability in Dwbooster Calendar Event Multi View The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue. | 6.1 |
| 2019-08-22 | CVE-2017-18579 | Cross-site Scripting vulnerability in Dwbooster Corner AD The corner-ad plugin before 1.0.8 for WordPress has XSS. | 6.1 |
| 2019-07-11 | CVE-2019-13505 | Cross-site Scripting vulnerability in Dwbooster Appointment Hour Booking 1.1.44 The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS via the E-mail field, as demonstrated by email_1. | 6.1 |